package com.swang.pms.web.filter;

import java.io.IOException;
import java.util.List;

import javax.servlet.*;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import com.swang.pms.model.enums.UserType;
import org.apache.commons.collections.CollectionUtils;
import org.apache.commons.lang.StringUtils;

import com.swang.pms.model.constants.CommonConstants;
import com.swang.pms.model.entity.ManageUser;


/**
 * @ClassName: PermissionFilter
 * @Description: 数据权限拦截控制
 * @author 王泽
 * @date 2017年3月16日 下午9:45:51
 */
public class PermissionFilter implements Filter {

    @Override
    public void init(FilterConfig filterConfig) throws ServletException {

    }

    @Override
    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException,
            ServletException {
        HttpServletRequest httpRequest = (HttpServletRequest) request;
        HttpServletResponse httpResponse = (HttpServletResponse) response;
        HttpSession session = httpRequest.getSession();
        String url = httpRequest.getRequestURI().toString();
        CommonConstants.BASE_PATH_FULL = httpRequest.getContextPath();

        if (!isExpPath(url)) {
            Object obj = session.getAttribute(CommonConstants.SESSION_USER_KEY);
            if (obj != null) {
                ManageUser admin = (ManageUser) obj;
                if(UserType.SYSADMIN.getCode().equals(admin.getUserType())){
                    //超级管理员直接放行
                    chain.doFilter(request, response);
                    return;
                }
                if (isExpPath(url)) {
                    chain.doFilter(request, response);
                    return;
                } else {
                    List<String> menusList = admin.getMenusList();
                    if(CollectionUtils.isNotEmpty(menusList)){
                        for (String menuUrl : menusList) {
                            if (!StringUtils.isEmpty(menuUrl) && url.contains(getModuleURI(menuUrl))) {
                                chain.doFilter(request, response);
                                return;
                            }
                        }
                    }
                }
            }
        } else {
            chain.doFilter(request, response);
            return;
        }
        httpResponse.sendRedirect(CommonConstants.BASE_PATH_FULL + CommonConstants.NO_PERMISSION);
    }

    @Override
    public void destroy() {

    }

    private boolean isExpPath(String url) {
        for (int i = 0; i < CommonConstants.EXCEPT_PERMISSION_PATH.length; i++) {
            if (url.indexOf(CommonConstants.BASE_PATH_FULL + CommonConstants.EXCEPT_PERMISSION_PATH[i]) == 0
                    || url.equals(CommonConstants.BASE_PATH_FULL+"/")) {
                return true;
            }
        }
        return false;
    }

    public static String getModuleURI(String url) {
        int index = url.indexOf("/portal/") + 8;
        String temp1 = url.substring(0, index);
        String temp2 = url.substring(index);
        temp2 = temp2.substring(0, temp2.indexOf("/") + 1);
        return temp1 + temp2;
    }
    
}
